Open matrixbot opened 3 weeks ago
This comment was originally posted by @hughns at https://github.com/matrix-org/matrix-authentication-service/issues/1876#issuecomment-1753006820.
@pmaier1 we need some product input on this, please.
Should the user be required to complete any additional verification step ahead of being able to delete their account? e.g. OTP via email and/or re-authenticate?
Do you want the re-auth requirements to be configurable by the server admin?
This comment was originally posted by @hughns at https://github.com/matrix-org/matrix-authentication-service/issues/1876#issuecomment-1938733375.
@jaywink please can you confirm if this is needed or not for the Element One migration? If not I will change the phase on the issue in the project board.
This comment was originally posted by @jaywink at https://github.com/matrix-org/matrix-authentication-service/issues/1876#issuecomment-1941288133.
@jaywink please can you confirm if this is needed or not for the Element One migration? If not I will change the phase on the issue in the project board.
@hughns This is not a blocker for EO, in fact we would actually want "An admin should be able to disable this function" to exist once MAS supports self-serve account deactivation.
This comment was originally posted by @americanrefugee at https://github.com/matrix-org/matrix-authentication-service/issues/1876#issuecomment-2122121115.
This issue was originally created by @hughns at https://github.com/matrix-org/matrix-authentication-service/issues/1876.
The self-service account UI should expose a UI to allow a user to delete their own account.
An admin should be able to disable this function if they choose. e.g. if deactivation is handled via an upstream IdP or some other means.
Open questions:
Relevant design screens: